Security fixes target the latest released version of TSM.

Please report security issues privately by opening a GitHub security advisory if the repository has advisories enabled. If advisories are not available, contact the maintainer through the GitHub profile linked from the repository.

Do not include secrets, private pane output, SSH hostnames, or access tokens in a public issue.

TSM is local-first:

• It reads tmux session metadata and, when enabled, a small tail of local tmux pane output.
• It does not run a daemon.
• It does not send pane contents to any service.
• Webhook notifications are disabled by default and only run when notify_webhook is explicitly configured.
• Shell and tmux config changes are marker-block based and create backups.

Set status_capture_lines=0 to disable pane-tail status detection.